Yesterday, hackers Plutoo, Derrek, and Naehrwert were at the 34C3 hacking conference in Germany to give a presentation on their kernel hacks on the Nintendo Switch (video below). Hacker Yellows8 wasn't there but was also credited for some of the work that led to this presentation.

[...] They detail in particular the sm:hax exploit (which consists in skipping an initialization step for a service, which results in the service manager thinking the service has pid 0, making it root giving it additional privileges*), as well as the hardware glitching process that was used to get the Kernel decryption keys. Naehrwert also presents how he bypassed ARM's Trustzone on the Switch, a stunt he insists "is not useful for homebrew, but fun".

One of the highlights of the presentation is how the hackers leveraged the fact that the Nintendo Switch uses an "off the shelf" Nivdia Tegra X1. A GPU that is well documented, and for which debugging hardware can also be officially be acquired at reasonable prices. The X1 documentation in particular gave the hackers detailed information on how to bypass some security of the SMMU (system Memory Management Unit). "Just search for 'bypass the SMMU' in the documentation", Plutoo says. He concludes: "Nvidia Backdoored themselves".

The one caveat to this new homebrew experience is that it is only currently validated for Nintendo Switch 3.0.0 firmware. So, if you want to take part in the festivities, you will need to stay on that firmware and resist the urge to update to a newer build.

When a Switch owner named Setery told a gaming forum about how NES Golf randomly appeared on her Switch's screen, commenters accused her console of being haunted. Switch hackers' subsequent race to unearth NES Golf now indicates that there's a hidden game on the console and, actually, it appears to be a heartwarming tribute to the deceased Nintendo CEO Satoru Iwata.

[...] Prior to heading Nintendo, Iwata was a programmer... The story goes that, after several developers turned down the task of developing the NES's Golf, Iwata found a way to fit the game's 18-hole course onto a cartridge's modest memory.

On July 11th, 2015, Iwata succumbed to cancer at age 55. As Nintendo CEO, Iwata was known for his "Iwata Asks" column on Nintendo's website and his appearances at major Nintendo events. Thanks to Nintendo Directs, he also became associated with a very specific gesture.

[...] Fast forward to early summer, 2017, when hackers discovered a hidden NES emulator on the Switch referred to as "Flog," Ars Technica reports. "We thought they had included it during manufacturing by mistake," Plutoo, one of the Switch hackers... Last weekend, bored, Plutoo decided to look into it. ... He says he discovered two intriguing details: "The code looked for the date July 11th, and the code right before seemed to enable the 'Joycon sixaxis' motion sensors."

The Nintendo Switch has been an unqualified success so far, with Nintendo recently promising increased holiday season production to meet demand and expectations of over 16 million total sales by the end of March 2018. Reporting now suggests the company is expecting that sales pace to increase markedly in the coming year, though, and another associated production increase would come with both a fair amount of potential and risk for the company.

The production news comes from The Wall Street Journal, which cites "people with direct knowledge of the matter" in reporting that Nintendo plans to make 25 to 30 million Switch units in the coming fiscal year (which starts in April 2018). That's a major increase from the 13 million produced for the current fiscal year, which itself was a sizable increase from the company's initial plans to make just 8 million units for the console's first full year on shelves. WSJ's sources say those production numbers could go up even higher if coming holiday season sales are strong.

The success of the company's latest gaming console, the Nintendo Switch, is the result of lessons taken from the failed Wii U, according to Reggie Fils-Aimé, the president of Nintendo America.

[...] The console also didn't have a consistent flow of new games supporting the system. "We've addressed that with the Nintendo Switch -- having a steady pace of new launches is critical," he said. The Switch includes games like "The Legend of Zelda: Breath of the Wild," "Super Mario Odyssey" and "Mario Kart 8 Deluxe."

Another issue with the Wii U was that it didn't have "strong support" from Nintendo's third-party partners, Fils-Aimé said. "Whether it's the big companies like Electronic Arts, or whether it's the smaller independent developer, we need those companies to create content to support us. We have that now with Nintendo Switch," he said.

Those wishing for 64GB Nintendo Switch game cards will have to keep waiting. According to a Wall Street Journalreport, Nintendo pushed back the rollout of 64GB game cards until 2019, citing "technical issues" as the problem. Game developers get Switch cards from Nintendo, so this means that they'll have to wait to get game cards that can support big titles.

[...] Nintendo initially attempted to alleviate the storage issue with the Switch's microSD card slot, which can hold an extra 2TB of space. However, 2TB microSD cards aren't available yet, and not every microSD card is the same. Some big titles require high-speed microSD cards to run properly.

While many mobile devices and the Nintendo Switch can support up to 2 TB of microSD storage, the largest currently in production is SanDisk's 400 GB card, which currently retails for $250.

Not long after its March launch last year, it was revealed that a GPU exploit in the Nintendo Switch could be used to run unofficial software, like pirated games and homebrew ROMs. Since then, the Switch's hacking community has grown, and the discovery of a new 'unpatchable' exploit last month has only made the console more attractive to pirates and homebrew fans.

Nintendo isn't taking the assault on its walled garden lightly, however, and is taking steps to crack down and dissuade users from taking advantage of the security holes.

The Japanese company has begun banning hacked consoles from its online services, sending error notifications when users attempt to log in. According to the message, "The use of online services on this console is currently restricted by Nintendo," and users will need to "Contact Customer Support via the Nintendo Support Website".

[Hacker] group Fail0verflow has claimed to have found a Nintendo Switch hack.

The group has posted the picture of Switch booting a Debian GNU/Linux installation. The picture also shows a serial adapter connected to one Joy-Con docks. Notably, Fail0verflow is the same group that hacked Nintendo Wii and PlayStation 3.

What makes this Nintendo Switch hack special is that it can't be patched in the currently released consoles. This is because the exploit was found in the boot ROM process of Nvidia Tegra X1 chips that can't be patched with software or firmware updates.

That's not all. This hack to run Linux doesn't even need a mod chip to run.

Firmware revision 3.0.0 has the aforementioned userland exploits, and that's what's being actively promoted. Original print-run Pokken Tournament DXs had 3.0.0 on the cart.

Many of the prominent homebrew developers are staunchly against piracy. Supposedly 1.0.0 has kernel level exploits which, while less likely to see public release anytime soon, obviously have further ranging capabilities, including the potential to emulate later firmware revisions.

The homebrew developers have been actively encouraging 1.0.0 people to get on 3.0.0 even though there is no reason to do so at this point in time -- the only upgrade path exists in the form of a static medium, and there's nothing yet that can be done with 3.0.0. One wonders as to their motivations.